<?php
	session_start();
	require_once("db_conn/conn_db.php");
	
	$user = $_REQUEST['user'];
	$pass = $_REQUEST['pass'];
	//echo "user = ".$user." password = ".$pass;
	if(is_null($pass))$rs = "select * from user where username = '$user'";
	else $rs = "select * from user where username = '$user' and password ='".md5($pass)."'";
	//echo "masuk sini $rs";
	//exit;
	$result = mysql_query($rs) or die(mysql_error());
	if ($row=mysql_fetch_array($result)) {
		//echo $row[1];
		$_SESSION['user_name'] = $row[1];
        $_SESSION['status_user'] = $row[3];
		$_SESSION['user_id'] = $row[0];
		$sesi = $row[3];
		switch ($sesi) {
		case "1":
			header('location:index.php');
			break;
		case "2":
			header('location:index.php');
			break;
		case "3":
			header('location:index.php');
			break;
		default:
			header('location:index.php');	
			break;
	}
	}
	else{
	//echo $row[1];
	//header('location:login.php?err='.urlencode("Username atau password salah"));
	header('location:index.php?err=yes');
	}
?>